A company or an enterprise may provide various services across a network to serve a variety of clients. Some of these clients may satisfy the security requirements of the enterprise while others may access the resources of the enterprise from networks, services or locations which may not be safe. The enterprise may choose to allow all the clients to access the resources, but may decide to protect sensitive information relating the resources of the servers from some, or all, of the clients. In one example, a client may request to access resources provided by a server of the enterprise via a clientless secure socket layer virtual private network (SSL VPN) session. The enterprise may decide to deny the client access to the actual URLs of the resources the client is accessing, while allowing the client to access the resources requested.